
Solved: HijackThis log, Windows crashing, error messages, AARRGGhhhh

Discussion in 'Virus & Other Malware Removal' started by nrouette, Oct 18, 2007.

Thread Status:
Not open for further replies.
  1. nrouette

    nrouette Thread Starter

    Joined:
    Feb 10, 2007
    Messages:
    16
    Hi there all you talented and patient people! Please help! I ran Hijackthis, got confused, have run virus scans, spybot, AVG, tried all ways to fix my pc w/out reloading WINDOWS to fix all these errors. ENT System service error, crashes, slowed or not getting emails... Please can anyone help!??? Thank You!:(

    My system is only a little over a year old, Dell DimensionE510, WINDOWS XP... basic model unsure of how to retrieve other system details....

    Logfile of HijackThis v1.99.1
    Scan saved at 1:15:52 PM, on 10/18/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16544)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\stsystra.exe
    C:\Program Files\Dell\Media Experience\DMXLauncher.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
    C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
    C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
    C:\PROGRA~1\LEXMAR~2\LXBRKsk.exe
    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
    C:\Program Files\Lexmark 3100 Series\lxbrbmon.exe
    C:\Program Files\Picasa2\PicasaMediaDetector.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Lexmark 3100 Series\lxbrcmon.exe
    C:\Program Files\Cox\Applications\app\Console.exe
    C:\Program Files\DellSupport\DSAgnt.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Cox\Applications\App\syssvcnt.exe
    C:\Documents and Settings\Nicole\Desktop\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.family.org/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: AuthPopupBHO01.cBHO - {3C7195F6-D788-4D50-BA72-2EE212EDAC78} - C:\Program Files\Cox\Applications\App\PopupBHO01.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\BAE\BAE.dll
    O2 - BHO: (no name) - {CFE15135-C591-4000-A55E-A50E5F9F82BC} - C:\Program Files\Video Add-on\isfmdl.dll (file missing)
    O3 - Toolbar: Cox Popup Blocker - {2C0A5F28-48D8-408B-9172-9C6121025BCE} - C:\Program Files\Cox\Applications\App\PopupBHO01.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
    O3 - Toolbar: IE Custom Tools - {23ED2206-856D-461A-BBCF-1C2466AC5AE3} - C:\Program Files\Video Add-on\ictmdl.dll (file missing)
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
    O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
    O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
    O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
    O4 - HKLM\..\Run: [ESP] C:\Program Files\Cox\Applications\app\start.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Lexmark 3100 Series] "C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe"
    O4 - HKLM\..\Run: [LXBRKsk] C:\PROGRA~1\LEXMAR~2\LXBRKsk.exe
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
    O4 - Global Startup: Digital Line Detect.lnk = ?
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.costcophotocenter.com/CostcoActivia.cab
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
    O16 - DPF: {6BEA1C48-1850-486C-8F58-C7354BA3165E} (Install Class) - http://updates.lifescapeinc.com/installers/pinstall/pinstall.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1151039781171
    O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Cox High Speed Internet Security Suite System Service (AuthSysSvc) - Authentium, Inc. - C:\Program Files\Cox\Applications\App\syssvcnt.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
    O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
     
  2. Cheeseball81

    Cheeseball81 Retired Moderator

    Joined:
    Mar 3, 2004
    Messages:
    84,315
    Download the Trial version of Superantispyware Pro (SAS):
    http://www.superantispyware.com/superantispyware.html?rid=3132


    Install it and double-click the icon on your desktop to run it.
    · It will ask if you want to update the program definitions, click Yes.
    · Under Configuration and Preferences, click the Preferences button.
    · Click the Scanning Control tab.
    · Under Scanner Options make sure the following are checked:
        o Close browsers before scanning
        o Scan for tracking cookies
        o Terminate memory threats before quarantining.
        o Please leave the others unchecked.
        o Click the Close button to leave the control center screen.
    · On the main screen, under Scan for Harmful Software click Scan your computer.
    · On the left check C:\Fixed Drive.
    · On the right, under Complete Scan, choose Perform Complete Scan.
    · Click Next to start the scan. Please be patient while it scans your computer.
    · After the scan is complete a summary box will appear. Click OK.
    · Make sure everything in the white box has a check next to it, then click Next.
    · It will quarantine what it found and if it asks if you want to reboot, click Yes.
    · To retrieve the removal information for me please do the following:
        o After reboot, double-click the SUPERAntispyware icon on your desktop.
        o Click Preferences. Click the Statistics/Logs tab.
        o Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
        o It will open in your default text editor (such as Notepad/Wordpad).
        o Please highlight everything in the notepad, then right-click and choose copy.
    · Click close and close again to exit the program.
    · Please paste that information here for me with a new Hijack This log.
     
  3. nrouette

    nrouette Thread Starter

    I'm running the superantispyware now, but also now am having probs w/ a "device driver"... according to the windows error reporting anyway.. turned on the pc today and there were no icons on desktop, no programs would open, took maybe 5-10 minutes for anything to open....
     
  4. nrouette

    nrouette Thread Starter

    Here's the new HJT Log...

    Logfile of HijackThis v1.99.1
    Scan saved at 10:10:22 AM, on 10/19/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16544)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
    C:\Program Files\Cox\Applications\App\syssvcnt.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\stsystra.exe
    C:\Program Files\Dell\Media Experience\DMXLauncher.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
    C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe
    C:\PROGRA~1\LEXMAR~2\LXBRKsk.exe
    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
    C:\Program Files\Picasa2\PicasaMediaDetector.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
    C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
    C:\Program Files\Lexmark 3100 Series\lxbrbmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Cox\Applications\app\Console.exe
    C:\Program Files\Lexmark 3100 Series\lxbrcmon.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\DellSupport\DSAgnt.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\Nicole\Desktop\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.family.org/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: AuthPopupBHO01.cBHO - {3C7195F6-D788-4D50-BA72-2EE212EDAC78} - C:\Program Files\Cox\Applications\App\PopupBHO01.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\BAE\BAE.dll
    O3 - Toolbar: Cox Popup Blocker - {2C0A5F28-48D8-408B-9172-9C6121025BCE} - C:\Program Files\Cox\Applications\App\PopupBHO01.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
    O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
    O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
    O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
    O4 - HKLM\..\Run: [ESP] C:\Program Files\Cox\Applications\app\start.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Lexmark 3100 Series] "C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe"
    O4 - HKLM\..\Run: [LXBRKsk] C:\PROGRA~1\LEXMAR~2\LXBRKsk.exe
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - Global Startup: Digital Line Detect.lnk = ?
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.costcophotocenter.com/CostcoActivia.cab
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
    O16 - DPF: {6BEA1C48-1850-486C-8F58-C7354BA3165E} (Install Class) - http://updates.lifescapeinc.com/installers/pinstall/pinstall.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1151039781171
    O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Cox High Speed Internet Security Suite System Service (AuthSysSvc) - Authentium, Inc. - C:\Program Files\Cox\Applications\App\syssvcnt.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
    O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe

    Also, the file from SASW....

    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com

    Generated 10/19/2007 at 09:22 AM

    Application Version : 3.9.1008

    Core Rules Database Version : 3327
    Trace Rules Database Version: 1328

    Scan type : Complete Scan
    Total Scan Time : 01:38:42

    Memory items scanned : 500
    Memory threats detected : 0
    Registry items scanned : 6541
    Registry threats detected : 124
    File items scanned : 77431
    File threats detected : 121

    Trojan.Media-Codec/V4
    HKLM\Software\Classes\CLSID\{23ED2206-856D-461A-BBCF-1C2466AC5AE3}
    HKCR\CLSID\{23ED2206-856D-461A-BBCF-1C2466AC5AE3}
    HKCR\CLSID\{23ED2206-856D-461A-BBCF-1C2466AC5AE3}
    HKCR\CLSID\{23ED2206-856D-461A-BBCF-1C2466AC5AE3}\Implemented Categories
    HKCR\CLSID\{23ED2206-856D-461A-BBCF-1C2466AC5AE3}\Implemented Categories\{00021493-0000-0000-C000-000000000046}
    HKCR\CLSID\{23ED2206-856D-461A-BBCF-1C2466AC5AE3}\InprocServer32
    HKCR\CLSID\{23ED2206-856D-461A-BBCF-1C2466AC5AE3}\InprocServer32#ThreadingModel
    C:\PROGRAM FILES\VIDEO ADD-ON\ICTMDL.DLL
    HKLM\Software\Classes\CLSID\{CFE15135-C591-4000-A55E-A50E5F9F82BC}
    HKCR\CLSID\{CFE15135-C591-4000-A55E-A50E5F9F82BC}
    HKCR\CLSID\{CFE15135-C591-4000-A55E-A50E5F9F82BC}#xxx
    HKCR\CLSID\{CFE15135-C591-4000-A55E-A50E5F9F82BC}\InprocServer32
    HKCR\CLSID\{CFE15135-C591-4000-A55E-A50E5F9F82BC}\InprocServer32#ThreadingModel
    C:\PROGRAM FILES\VIDEO ADD-ON\ISFMDL.DLL
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CFE15135-C591-4000-A55E-A50E5F9F82BC}
    HKLM\Software\Microsoft\Internet Explorer\Toolbar#{23ED2206-856D-461A-BBCF-1C2466AC5AE3}
    HKU\S-1-5-21-3216203347-2104014628-3198309857-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser#{23ED2206-856D-461A-BBCF-1C2466AC5AE3}
    HKU\S-1-5-21-3216203347-2104014628-3198309857-1005\Software\Online Add-on
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE Custom Tools
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE Custom Tools#DisplayName
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE Custom Tools#UninstallString
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE Safety Features
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE Safety Features#DisplayName
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE Safety Features#UninstallString
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Information Center
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Information Center#DisplayName
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Information Center#UninstallString
    C:\RECYCLER\S-1-5-21-3216203347-2104014628-3198309857-1005\DC5\ICMNTR.EXE
    C:\RECYCLER\S-1-5-21-3216203347-2104014628-3198309857-1005\DC5\ISFMM.EXE

    Adware.Tracking Cookie

    Malware.AntiVirGear
    C:\Program Files\AntiVirGear 3.8\AntiVirGear 3.8.exe
    C:\Program Files\AntiVirGear 3.8
    C:\WINDOWS\Prefetch\ANTIVIRGEAR 3.8.EXE-059F116E.pf

    Malware.Installer-Pkg/Gen
    C:\PROGRAM FILES\WILDTANGENT\APPS\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{26D2C2C3-CF14-4ED7-B1FC-0BE64AFBA3B3}.EXE
    C:\PROGRAM FILES\WILDTANGENT\APPS\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{3C48F877-A164-45E9-B9DA-26A049FFC207}.EXE
    C:\PROGRAM FILES\WILDTANGENT\APPS\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{6293BC00-4EB8-4C65-8548-53E2FC3BF937}.EXE
    C:\PROGRAM FILES\WILDTANGENT\APPS\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{651956B7-1969-42AA-9453-E0B813019D54}.EXE
    C:\PROGRAM FILES\WILDTANGENT\APPS\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{6B6A7665-DB48-4762-AB5D-BEEB9E1CD7FA}.EXE
    C:\PROGRAM FILES\WILDTANGENT\APPS\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{989E4C3B-B2C9-4486-9A09-D5A8F953837C}.EXE
    C:\PROGRAM FILES\WILDTANGENT\APPS\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{C0A0AA4D-C79B-48CA-8843-2B02B626C9E6}.EXE
    C:\PROGRAM FILES\WILDTANGENT\APPS\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{C2D8F0E2-6978-4409-8351-BA8785DA11EE}.EXE
    C:\PROGRAM FILES\WILDTANGENT\APPS\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{D1A6F3FD-7B40-443F-8767-BADB25A0D222}.EXE
    C:\PROGRAM FILES\WILDTANGENT\APPS\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{E0814F95-5380-4892-B8C8-7FA4B349EF46}.EXE

    Browser Hijacker.Favorites
    C:\RECYCLER\S-1-5-21-3216203347-2104014628-3198309857-1005\DC1.URL
    C:\RECYCLER\S-1-5-21-3216203347-2104014628-3198309857-1005\DC2.URL

    Trojan.Unknown Origin
    C:\RECYCLER\S-1-5-21-3216203347-2104014628-3198309857-1005\DC5\OT.ICO
    C:\RECYCLER\S-1-5-21-3216203347-2104014628-3198309857-1005\DC5\TS.ICO
     
  5. Cheeseball81

    Cheeseball81 Retired Moderator

    Joined:
    Mar 3, 2004
    Messages:
    84,315
    Download ComboFix to your Desktop.

    • Double click combofix.exe and follow the prompts.
    • When finished, it will produce a log for you. Post that log and a new HijackThis log in your next reply.
    Note: Do not mouse-click ComboFix's window while it's running, as that may cause it to stall.
     
  6. nrouette

    nrouette Thread Starter

    TY... ran combofix, HJT newest log.....

    Logfile of HijackThis v1.99.1
    Scan saved at 4:56:42 PM, on 10/19/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16544)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
    C:\Program Files\Cox\Applications\App\syssvcnt.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\stsystra.exe
    C:\Program Files\Dell\Media Experience\DMXLauncher.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
    C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe
    C:\PROGRA~1\LEXMAR~2\LXBRKsk.exe
    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
    C:\Program Files\Picasa2\PicasaMediaDetector.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
    C:\Program Files\Lexmark 3100 Series\lxbrbmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Cox\Applications\app\Console.exe
    C:\Program Files\Lexmark 3100 Series\lxbrcmon.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\DellSupport\DSAgnt.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\explorer.exe
    C:\Documents and Settings\Nicole\Desktop\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.family.org/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: AuthPopupBHO01.cBHO - {3C7195F6-D788-4D50-BA72-2EE212EDAC78} - C:\Program Files\Cox\Applications\App\PopupBHO01.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\BAE\BAE.dll
    O3 - Toolbar: Cox Popup Blocker - {2C0A5F28-48D8-408B-9172-9C6121025BCE} - C:\Program Files\Cox\Applications\App\PopupBHO01.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
    O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
    O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
    O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
    O4 - HKLM\..\Run: [ESP] C:\Program Files\Cox\Applications\app\start.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Lexmark 3100 Series] "C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe"
    O4 - HKLM\..\Run: [LXBRKsk] C:\PROGRA~1\LEXMAR~2\LXBRKsk.exe
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - Global Startup: Digital Line Detect.lnk = ?
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.costcophotocenter.com/CostcoActivia.cab
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
    O16 - DPF: {6BEA1C48-1850-486C-8F58-C7354BA3165E} (Install Class) - http://updates.lifescapeinc.com/installers/pinstall/pinstall.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1151039781171
    O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Cox High Speed Internet Security Suite System Service (AuthSysSvc) - Authentium, Inc. - C:\Program Files\Cox\Applications\App\syssvcnt.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
    O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
     
  7. Cheeseball81

    Cheeseball81 Retired Moderator

    Do you have the combofix results?
     
  8. nrouette

    nrouette Thread Starter

    i'm a goofball.. here's the log... also, just got a windows error,
    sed.cfexe has encountered a problem and needs to close... click to send error report to microsoft reporting... in not so many words... any ideas?

    COMBOFIX LOG
    ComboFix 07-10-19.1 - Nicole 2007-10-19 20:26:27.2 - NTFSx86
    Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.508 [GMT -7:00]
    Running from: C:\Documents and Settings\Nicole\Desktop\ComboFix.exe
    .

    ((((((((((((((((((((((((( Files Created from 2007-09-20 to 2007-10-20 )))))))))))))))))))))))))))))))
    .

    2007-10-19 16:06 51,200 --a------ C:\WINDOWS\NirCmd.exe
    2007-10-19 07:37 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
    2007-10-19 07:37 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
    2007-10-19 07:37 <DIR> d-------- C:\Documents and Settings\Nicole\Application Data\SUPERAntiSpyware.com
    2007-10-19 07:37 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
    2007-10-16 07:18 <DIR> d-------- C:\Documents and Settings\Ron\Application Data\AVG7
    2007-10-15 14:59 <DIR> d-------- C:\Documents and Settings\Nicole\Application Data\AVG7
    2007-10-15 14:57 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
    2007-10-15 14:56 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
    2007-10-15 14:56 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\avg7
    2007-10-12 18:52 <DIR> d-------- C:\Documents and Settings\Nicole\Application Data\Move Networks
    2007-10-10 21:31 <DIR> d-------- C:\Program Files\MapPuzzles
    2007-10-10 21:31 398,416 --a------ C:\WINDOWS\system\VBRUN300.DLL
    2007-10-10 21:31 188,960 --a------ C:\WINDOWS\system\WINGDE.DLL
    2007-10-10 21:31 92,208 --a------ C:\WINDOWS\system\WING.DLL
    2007-10-10 21:31 68,096 --a------ C:\WINDOWS\system\MKWND16.DLL
    2007-10-10 21:31 44,544 --a------ C:\WINDOWS\system\MKWIPE16.DLL
    2007-10-10 21:31 31,232 --a------ C:\WINDOWS\system\WWND.DLL
    2007-10-10 21:31 12,800 --a------ C:\WINDOWS\system32\Wing32.dll
    2007-10-10 14:36 582,656 --------- C:\WINDOWS\system32\dllcache\rpcrt4.dll
    2007-10-10 09:47 <DIR> d-------- C:\WINDOWS\pss
    2007-10-06 18:55 664 --a------ C:\WINDOWS\system32\d3d9caps.dat

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2007-10-19 17:41 4,184 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
    2007-10-15 21:50 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
    2007-09-28 15:56 --------- d-----w C:\Program Files\LimeWire
    2007-09-06 02:04 --------- d-----w C:\Program Files\Picasa2
    2007-08-29 23:15 --------- d-----w C:\Program Files\Java
    2007-08-21 06:15 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
    2007-08-21 06:15 683,520 ------w C:\WINDOWS\system32\dllcache\inetcomm.dll
    2007-08-20 10:04 824,832 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
    2007-08-20 10:04 671,232 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll
    2007-08-20 10:04 63,488 ------w C:\WINDOWS\system32\dllcache\icardie.dll
    2007-08-20 10:04 6,058,496 ------w C:\WINDOWS\system32\dllcache\ieframe.dll
    2007-08-20 10:04 52,224 ------w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
    2007-08-20 10:04 477,696 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
    2007-08-20 10:04 459,264 ------w C:\WINDOWS\system32\dllcache\msfeeds.dll
    2007-08-20 10:04 44,544 ------w C:\WINDOWS\system32\dllcache\iernonce.dll
    2007-08-20 10:04 384,512 ------w C:\WINDOWS\system32\dllcache\iedkcs32.dll
    2007-08-20 10:04 383,488 ------w C:\WINDOWS\system32\dllcache\ieapfltr.dll
    2007-08-20 10:04 3,584,512 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
    2007-08-20 10:04 27,648 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
    2007-08-20 10:04 267,776 ------w C:\WINDOWS\system32\dllcache\iertutil.dll
    2007-08-20 10:04 232,960 ------w C:\WINDOWS\system32\dllcache\webcheck.dll
    2007-08-20 10:04 230,400 ------w C:\WINDOWS\system32\dllcache\ieaksie.dll
    2007-08-20 10:04 214,528 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
    2007-08-20 10:04 193,024 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
    2007-08-20 10:04 153,088 ------w C:\WINDOWS\system32\dllcache\ieakeng.dll
    2007-08-20 10:04 132,608 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll
    2007-08-20 10:04 124,928 ------w C:\WINDOWS\system32\dllcache\advpack.dll
    2007-08-20 10:04 105,984 ------w C:\WINDOWS\system32\dllcache\url.dll
    2007-08-20 10:04 102,400 ------w C:\WINDOWS\system32\dllcache\occache.dll
    2007-08-20 10:04 1,152,000 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
    2007-08-17 10:21 625,152 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
    2007-08-17 10:20 63,488 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
    2007-08-17 10:20 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
    2007-08-17 07:34 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll
    2007-08-08 23:09 118,784 ----a-w C:\WINDOWS\Web\Wallpaper\Fairy Forest Animated Wallpaper.exe
    2007-08-01 03:45 69,632 ----a-w C:\WINDOWS\system32\wshext.dll
    2007-08-01 03:45 69,632 ------w C:\WINDOWS\system32\dllcache\wshext.dll
    2007-08-01 03:45 491,520 ----a-w C:\WINDOWS\system32\dllcache\jscript.dll
    2007-08-01 03:45 413,696 ----a-w C:\WINDOWS\system32\vbscript.dll
    2007-08-01 03:45 413,696 ------w C:\WINDOWS\system32\dllcache\vbscript.dll
    2007-08-01 03:45 36,864 ----a-w C:\WINDOWS\system32\wshcon.dll
    2007-08-01 03:45 32,768 ----a-w C:\WINDOWS\system32\dispex.dll
    2007-08-01 03:45 32,768 ------w C:\WINDOWS\system32\dllcache\dispex.dll
    2007-08-01 03:45 163,840 ----a-w C:\WINDOWS\system32\scrobj.dll
    2007-08-01 03:45 163,840 ------w C:\WINDOWS\system32\dllcache\scrobj.dll
    2007-08-01 03:45 155,648 ----a-w C:\WINDOWS\system32\scrrun.dll
    2007-08-01 03:45 155,648 ------w C:\WINDOWS\system32\dllcache\scrrun.dll
    2007-08-01 03:45 135,168 ----a-w C:\WINDOWS\system32\wscript.exe
    2007-08-01 03:45 135,168 ------w C:\WINDOWS\system32\dllcache\wscript.exe
    2007-08-01 03:45 114,688 ----a-w C:\WINDOWS\system32\cscript.exe
    2007-08-01 03:45 114,688 ------w C:\WINDOWS\system32\dllcache\cscript.exe
    2007-07-31 02:19 92,504 ----a-w C:\WINDOWS\system32\dllcache\cdm.dll
    2007-07-31 02:19 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
    2007-07-31 02:19 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
    2007-07-31 02:19 549,720 ----a-w C:\WINDOWS\system32\dllcache\wuapi.dll
    2007-07-31 02:19 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
    2007-07-31 02:19 53,080 ----a-w C:\WINDOWS\system32\dllcache\wuauclt.exe
    2007-07-31 02:19 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
    2007-07-31 02:19 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
    2007-07-31 02:19 325,976 ----a-w C:\WINDOWS\system32\dllcache\wucltui.dll
    2007-07-31 02:19 271,224 ----a-w C:\WINDOWS\system32\mucltui.dll
    2007-07-31 02:19 207,736 ----a-w C:\WINDOWS\system32\muweb.dll
    2007-07-31 02:19 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
    2007-07-31 02:19 203,096 ----a-w C:\WINDOWS\system32\dllcache\wuweb.dll
    2007-07-31 02:19 1,712,984 ----a-w C:\WINDOWS\system32\wuaueng.dll
    2007-07-31 02:19 1,712,984 ----a-w C:\WINDOWS\system32\dllcache\wuaueng.dll
    2007-07-31 02:18 33,624 ----a-w C:\WINDOWS\system32\wups.dll
    2007-07-31 02:18 33,624 ----a-w C:\WINDOWS\system32\dllcache\wups.dll
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-09-29 12:01]
    "SigmatelSysTrayApp"="stsystra.exe" [2005-03-22 21:20 C:\WINDOWS\stsystra.exe]
    "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-05 19:05]
    "DMXLauncher"="C:\Program Files\Dell\Media Experience\DMXLauncher.exe" [2006-05-03 03:12]
    "ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 08:44]
    "ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 08:44]
    "DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2005-09-08 03:20]
    "Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2006-06-05 22:12]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
    "MMTray"="C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe" [2005-09-08 17:20]
    "MSKDetectorExe"="C:\Program Files\McAfee\SpamKiller\MSKDetct.exe" [2005-08-12 16:16]
    "ESP"="C:\Program Files\Cox\Applications\app\start.exe" [2006-12-11 06:31]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-06-05 22:02]
    "Lexmark 3100 Series"="C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe" [2003-09-03 19:33]
    "LXBRKsk"="C:\PROGRA~1\LEXMAR~2\LXBRKsk.exe" [2003-06-13 07:57]
    "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 11:09]
    "Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-06-15 16:15]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]
    "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-10-15 14:56]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 09:24]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-03 09:24]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 03:00]
    "DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [2007-03-15 11:09]
    "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-21 14:06]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
    Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2006-06-05 21:59:25]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

    R0 GRFILTER;Authentium NDIS Driver;C:\WINDOWS\system32\drivers\GRFILTER.sys
    R2 GRTdiMon;Authentium TDI Mon;C:\WINDOWS\system32\Drivers\GRTdiMon.sys

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}]
    AutoRun\command - E:\setup.exe

    *Newly Created Service* - CATCHME
    .
    **************************************************************************

    catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-10-19 20:27:48
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2007-10-19 20:29:01
    C:\ComboFix2.txt ... 2007-10-19 16:12
    .
    --- E O F ---
    :rolleyes:
     
  9. Cheeseball81

    Cheeseball81 Retired Moderator

    Also post a new Hijack This log.

    Is that error still coming up?
     
  10. nrouette

    nrouette Thread Starter

    I did post the newest HJT log... it's above the post where you requested the ComboFix log... no more error messages so far... but who knows what lurks... I'll run a new HJT just in case... here it is...

    Logfile of HijackThis v1.99.1
    Scan saved at 8:49:02 PM, on 10/20/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16544)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
    C:\Program Files\Cox\Applications\App\syssvcnt.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\stsystra.exe
    C:\Program Files\Dell\Media Experience\DMXLauncher.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
    C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
    C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe
    C:\PROGRA~1\LEXMAR~2\LXBRKsk.exe
    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
    C:\Program Files\Cox\Applications\app\Console.exe
    C:\Program Files\Picasa2\PicasaMediaDetector.exe
    C:\Program Files\Lexmark 3100 Series\lxbrbmon.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Lexmark 3100 Series\lxbrcmon.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\DellSupport\DSAgnt.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Outlook Express\msimn.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Documents and Settings\Nicole\Desktop\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.family.org/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: AuthPopupBHO01.cBHO - {3C7195F6-D788-4D50-BA72-2EE212EDAC78} - C:\Program Files\Cox\Applications\App\PopupBHO01.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\BAE\BAE.dll
    O3 - Toolbar: Cox Popup Blocker - {2C0A5F28-48D8-408B-9172-9C6121025BCE} - C:\Program Files\Cox\Applications\App\PopupBHO01.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
    O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
    O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
    O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
    O4 - HKLM\..\Run: [ESP] C:\Program Files\Cox\Applications\app\start.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Lexmark 3100 Series] "C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe"
    O4 - HKLM\..\Run: [LXBRKsk] C:\PROGRA~1\LEXMAR~2\LXBRKsk.exe
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - Global Startup: Digital Line Detect.lnk = ?
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.costcophotocenter.com/CostcoActivia.cab
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
    O16 - DPF: {6BEA1C48-1850-486C-8F58-C7354BA3165E} (Install Class) - http://updates.lifescapeinc.com/installers/pinstall/pinstall.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1151039781171
    O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Cox High Speed Internet Security Suite System Service (AuthSysSvc) - Authentium, Inc. - C:\Program Files\Cox\Applications\App\syssvcnt.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
    O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe

    TY so much!:eek:
     
  11. nrouette

    nrouette Thread Starter

    Bummer... getting the other error message again, which makes IE slow way down or stop working... ESP NT SYSTEM SERVICE LAUNCHER has encountered a problem and needs to close... It's one of those errors that I've looked up, but can't figure out how to fix! It eventually seems to play a part in helping the system crash, or seems to anyway... any extra input?
     
  12. Cheeseball81

    Cheeseball81 Retired Moderator

  13. nrouette

    nrouette Thread Starter

    That is the general consensus, but when I DL the fix listed, it really doesn't fix it... I uninstalled a bunch of crap from my PC, rebooted, then installed Firefox/Mozilla and rebooted... so far no crashes though - does this mean my issue might be fixed? Ought I run another ComboFix log and HJT also?
     
  14. Cheeseball81

    Cheeseball81 Retired Moderator

    No, I don't think you need to rerun either. The last Hijack This log looked fine.

    If the error no longer persists, it sounds solved.

    Do you feel the system is running better now?
     
  15. nrouette

    nrouette Thread Starter

    Yes, I am fairly certain the system runs better now - Mozilla doesn't crash, I'm not getting error messages... Does COX security suite suck or what? I dunno, but I guess this means it's fixed for now!!! MUCH THANKS TO YOU AND YOUR PATIENT HELP!!!
    Nicole
     
Short URL to this thread: https://techguy.org/640168
